nerdexam
EC-Council

312-50V11 · Question #207

In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is th

The correct answer is B. In a pharming attack a victim is redirected to a fake website by modifying their host configuration. Pharming redirects victims to fake websites by manipulating DNS or host configuration, while phishing uses deceptive messages to trick users into visiting fake sites.

Social Engineering

Question

In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?

Options

  • ABoth pharming and phishing attacks are identical.
  • BIn a pharming attack a victim is redirected to a fake website by modifying their host configuration
  • CIn a phishing attack a victim is redirected to a fake website by modifying their host configuration
  • DBoth pharming and phishing attacks are purely technical and are not considered forms of social

How the community answered

(47 responses)
  • A
    2% (1)
  • B
    87% (41)
  • C
    9% (4)
  • D
    2% (1)

Why each option

Pharming redirects victims to fake websites by manipulating DNS or host configuration, while phishing uses deceptive messages to trick users into visiting fake sites.

ABoth pharming and phishing attacks are identical.

Pharming and phishing are distinct attack vectors - pharming is DNS or host-level manipulation while phishing is a social engineering technique using deceptive communications.

BIn a pharming attack a victim is redirected to a fake website by modifying their host configurationCorrect

In a pharming attack, an attacker poisons the victim's DNS cache, modifies the local hosts file, or compromises a DNS server so that a legitimate domain resolves to a malicious IP address. This redirection occurs transparently without requiring the victim to click a deceptive link. This distinguishes pharming from phishing, which relies on social engineering via emails or messages containing malicious links.

CIn a phishing attack a victim is redirected to a fake website by modifying their host configuration

Phishing does not modify host configuration; it relies on deceptive links in emails or messages to trick users into navigating to a fraudulent site voluntarily.

DBoth pharming and phishing attacks are purely technical and are not considered forms of social

Both attacks can incorporate social engineering elements, and phishing in particular is primarily a social engineering attack, making this characterization incorrect.

Concept tested: Differentiating pharming and phishing attack mechanisms

Source: https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks

Topics

#pharming#phishing#host file manipulation#DNS poisoning

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice